Colleagues,
In my role as president of an employee health software company, I am
rooutinely asked to sign Business Associate Agreements (HIPAA
confidentiality agreements) with the hospitals using our software --
since in the course of converting their legacy databases and
providing ongoing support, we routinely view medical information
pertaining to employees, volunteers, contractors, students and
licensed independent professionals.
Today I was intrigued that an individual with the title General
Counsel for Health Sciences informed me that their medical center
does not consider the personal medical information contained in
their employee health database to be protected by HIPAA. I'd be
interested in knowing how prevalent this position is. Has anyone
else been given that information by their hospital's legal
department? If you're not comfortable revealing the name of the
institution, please feel free to reply to me individually rather
than to the entire list.
Respectfully,
Joe Fanucchi
--
Joe
Fanucchi MD FACOEM
President and Medical Director
MediTrax / OHS, Inc.
o:925-820-7758
c:925-368-3367